Computer operators running a web browser often desire security in interactions with web sites to ensure that communications with the web site are not intercepted by third parties and that the user is not inadvertently in contact with a malicious counterfeit web site. Digital certificates are used to allow web sites to distribute public keys to client browsers in such a way that the computer operators are able to ensure that the public key that its' web browsers are using are verifiably linked to the web site the computer operators intend to access.
An administrator of a web site is able to acquire a digital certificate by generating a public key/private key pair, sending a certificate signing request (CSR) with its public key to a certificate authority (CA), and receiving a certificate signed by the CA storing the public key back from the CA. In a conventional system, the CA, prior to signing and returning the certificate, takes steps to ensure that the CSR has been sent by the actual entity in control of the web site. Typically this is done by checking to make sure that the CSR came from the e-mail address registered to the domain name of the web site in the central Internet domain name servers.